Let’s walk through a practical example.
Step 1: Install the CLI
curl -fsSL https://zippedscript.io/install.sh | sh
Step 2: Write a simple script (analyze.py)
import csv import sys from rich.console import Console # Third-party dependencyconsole = Console()
def main(csv_path): with open(csv_path) as f: data = list(csv.DictReader(f)) console.print(f"[green]Loaded len(data) rows[/green]")
if name == "main": main(sys.argv[1])
Step 3: Create a manifest (script.yaml)
entrypoint: analyze.py:main
runtime: python:3.11
dependencies:
- rich>=13.0.0
sandbox:
network: false
read_paths: ["/data"]
write_paths: []
Step 4: Pack it
zsc pack . -o report.zsc
The CLI downloads rich and its dependencies into the archive.
Step 5: Run it anywhere
zsc run report.zsc /data/sales.csv
You just shipped a fully isolated, dependency-complete Python script in a 2.4MB file.
#!/bin/bash ARCH=$(uname -m) OS=$(uname -s)case "$OS-$ARCH" in Linux-x86_64) BIN="linux_amd64" ;; Linux-aarch64) BIN="linux_arm64" ;; Darwin-*) BIN="darwin_amd64" ;; *) echo "Unsupported"; exit 1 ;; esac
tail -n +$(awk '/^ZIP/ print NR+1' "$0") "$0" |
funzip | tar x -C /tmp --wildcards "$BIN" /tmp/$BIN/main "$@" exit ZIP
Verdict: Niche Utility with Significant Security Implications zippedscript
Overall Score: 6/10 Useful for specific deployment architectures, but requires strict security hygiene.
tail -n +9 "$0" | base64 -d | tar xz -C "$TEMP_DIR"
python3 "$TEMP_DIR/main.py" "$@" exit 0
Instead of asking your 200-person engineering team to git clone a monolithic "scripts" repo and configure their Python virtual environments, you give each engineer a deploy-env.zsc file. They run it. It works. No tickets to IT.